Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/28519f-dc48-4f31-a35e-99ee4a8985c3/1/IUBye_3PzagtO4VdvzKjOKa4D4w.roa
File:                     IUBye_3PzagtO4VdvzKjOKa4D4w.roa (raw, json)
Hash identifier:          n7WPRljpQwVfxkY2eh/MSAdb9j98eTZR4b9ZcYH6C08=
Subject key identifier:   21:40:72:7B:FD:CF:CD:A8:2D:3B:85:5D:BF:32:A3:38:A6:B8:0F:8C
Certificate issuer:       /CN=ef739c0c04a4271b5aad62c119229e18fada5fd3
Certificate serial:       018480046D37FB87817ACB5D134BE19664CF
Authority key identifier: EF:73:9C:0C:04:A4:27:1B:5A:AD:62:C1:19:22:9E:18:FA:DA:5F:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/73OcDASkJxtarWLBGSKeGPraX9M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/28519f-dc48-4f31-a35e-99ee4a8985c3/1/IUBye_3PzagtO4VdvzKjOKa4D4w.roa
Signing time:             Wed 16 Nov 2022 10:38:04 +0000
ROA not before:           Wed 16 Nov 2022 10:38:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6830
IP address blocks:        193.5.56.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:80:04:6d:37:fb:87:81:7a:cb:5d:13:4b:e1:96:64:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef739c0c04a4271b5aad62c119229e18fada5fd3
        Validity
            Not Before: Nov 16 10:38:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2140727bfdcfcda82d3b855dbf32a338a6b80f8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:5e:0c:28:91:74:c5:e5:f1:2a:8a:87:49:c0:
                    92:d7:9f:39:cc:6d:d0:30:c0:18:57:95:11:bc:8a:
                    be:30:97:8c:c0:f0:b3:14:91:b2:0d:45:21:82:3d:
                    52:a1:d7:d9:0a:5c:bb:9a:95:b6:f7:b0:11:15:90:
                    2c:af:75:38:d0:7d:23:f3:26:55:7c:3e:49:67:cb:
                    68:36:78:f2:cd:27:22:8e:a4:a6:6f:8e:d0:7c:14:
                    19:fe:d6:aa:c9:7b:99:7e:2f:a1:98:1b:40:57:bb:
                    81:20:c2:bf:49:67:0c:e6:dd:1e:53:f1:fc:db:48:
                    b7:3d:13:89:12:c8:d7:b0:4c:e1:99:4e:19:be:8c:
                    53:e0:3c:4f:fd:9f:38:f1:2c:fe:47:11:fa:ab:a7:
                    13:af:8d:99:24:9b:28:55:51:9f:cb:22:9a:d4:e1:
                    3a:dc:c5:27:56:ba:bc:98:86:1e:11:88:1d:b0:5f:
                    5b:d3:86:db:31:e2:52:ae:42:fd:a9:88:d5:d6:ca:
                    8f:e0:6f:eb:f3:86:c3:50:c9:30:d7:91:7a:cc:ee:
                    3c:98:8f:92:0c:e7:f4:87:98:7e:f6:59:53:f2:5f:
                    95:dc:9e:65:99:ab:c7:7d:d9:ef:a6:e1:79:71:2e:
                    88:95:c0:66:20:48:14:01:89:69:72:7f:d7:ff:0a:
                    a5:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:40:72:7B:FD:CF:CD:A8:2D:3B:85:5D:BF:32:A3:38:A6:B8:0F:8C
            X509v3 Authority Key Identifier:
                keyid:EF:73:9C:0C:04:A4:27:1B:5A:AD:62:C1:19:22:9E:18:FA:DA:5F:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73OcDASkJxtarWLBGSKeGPraX9M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/28519f-dc48-4f31-a35e-99ee4a8985c3/1/IUBye_3PzagtO4VdvzKjOKa4D4w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/28519f-dc48-4f31-a35e-99ee4a8985c3/1/73OcDASkJxtarWLBGSKeGPraX9M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.5.56.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:bb:18:59:c7:64:d9:32:01:8c:56:91:c3:54:92:c2:56:36:
         6e:3b:c9:b3:cf:59:6e:b7:d3:e3:30:6c:7c:9b:07:5d:cf:bb:
         41:19:80:50:07:a1:b8:70:58:54:3d:1d:08:34:b9:22:02:3e:
         45:f9:39:4f:3d:a1:83:45:6a:2b:21:31:ea:2d:7c:66:72:6d:
         e1:89:30:16:06:46:b6:24:dc:ff:3f:42:b9:58:59:4f:96:d7:
         fa:28:bd:29:14:51:df:74:37:42:a3:ad:84:b8:4c:b2:af:54:
         0a:d9:44:39:bb:fa:c9:33:78:89:0e:36:4a:01:61:30:5c:a6:
         d6:fe:39:10:6d:47:f1:c9:0c:6a:c4:4e:48:25:c3:f9:be:6b:
         a5:a7:e7:a5:e4:3a:bd:88:a8:fe:02:f6:6c:4a:b5:44:b2:d7:
         56:6e:01:e8:db:ca:e0:a1:e9:a7:c5:a3:29:65:60:7e:ba:64:
         ca:2c:c0:0d:b7:e9:62:3c:ae:d3:cc:af:c3:25:55:ac:5a:ab:
         95:b5:a1:f2:90:7b:0a:d0:96:33:a3:54:87:13:b6:eb:1b:dc:
         50:4a:da:d8:0d:d8:90:d9:07:95:20:dc:e6:eb:75:0a:df:5e:
         47:4b:79:6d:35:01:44:19:0b:5f:66:78:27:ea:71:47:e5:2e:
         b7:6c:47:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSABG03+4eBestdE0vhlmTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNzM5YzBjMDRhNDI3MWI1YWFkNjJjMTE5MjI5ZTE4ZmFk
YTVmZDMwHhcNMjIxMTE2MTAzODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQwNzI3YmZkY2ZjZGE4MmQzYjg1NWRiZjMyYTMzOGE2YjgwZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF4MKJF0xeXxKoqHScCS1585zG3Q
MMAYV5URvIq+MJeMwPCzFJGyDUUhgj1SodfZCly7mpW297ARFZAsr3U40H0j8yZV
fD5JZ8toNnjyzScijqSmb47QfBQZ/taqyXuZfi+hmBtAV7uBIMK/SWcM5t0eU/H8
20i3PROJEsjXsEzhmU4ZvoxT4DxP/Z848Sz+RxH6q6cTr42ZJJsoVVGfyyKa1OE6
3MUnVrq8mIYeEYgdsF9b04bbMeJSrkL9qYjV1sqP4G/r84bDUMkw15F6zO48mI+S
DOf0h5h+9llT8l+V3J5lmavHfdnvpuF5cS6IlcBmIEgUAYlpcn/X/wql8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFAcnv9z82oLTuFXb8yozimuA+MMB8GA1UdIwQY
MBaAFO9znAwEpCcbWq1iwRkinhj62l/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzNPY0RBU2tKeHRhcldMQkdTS2VHUHJhWDlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8yODUxOWYtZGM0OC00ZjMxLWEzNWUt
OTllZTRhODk4NWMzLzEvSVVCeWVfM1B6YWd0TzRWZHZ6S2pPS2E0RDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8yODUxOWYtZGM0OC00ZjMxLWEzNWUtOTllZTRhODk4NWMz
LzEvNzNPY0RBU2tKeHRhcldMQkdTS2VHUHJhWDlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwQU4MA0G
CSqGSIb3DQEBCwUAA4IBAQA2uxhZx2TZMgGMVpHDVJLCVjZuO8mzz1lut9PjMGx8
mwddz7tBGYBQB6G4cFhUPR0INLkiAj5F+TlPPaGDRWorITHqLXxmcm3hiTAWBka2
JNz/P0K5WFlPltf6KL0pFFHfdDdCo62EuEyyr1QK2UQ5u/rJM3iJDjZKAWEwXKbW
/jkQbUfxyQxqxE5IJcP5vmulp+el5Dq9iKj+AvZsSrVEstdWbgHo28rgoemnxaMp
ZWB+umTKLMANt+liPK7TzK/DJVWsWquVtaHykHsK0JYzo1SHE7brG9xQStrYDdiQ
2QeVINzm63UK315HS3ltNQFEGQtfZngn6nFH5S63bEdL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:56 2024 by rpki-client on console-ams.rpki-client.org